0

How do I get the number of all file IO calls produced within the Windows-based OS (to get it working at least on XP) for all processes? Something similar to the Process Monitor, but programmatically accessible from C# (can be via C++ or C)

I don't need to know the details, just the count of all calls per second, once the number is obtained I will log it (every second) to a file, such as this one

50395
39581
59205
...

UPDATE
There are some APIs available, but I am not too sure if I can use them for the whole OS

oleksii
  • 35,458
  • 16
  • 93
  • 163

1 Answers1

1

The term you're looking for is "Realtime ETW consumer" - this isn't going to work on XP though. On XP, you can get this data, but not real-time, only after recording it then decoding the log.

Ana Betts
  • 73,868
  • 16
  • 141
  • 209
  • tnx for the answer. How does ProcMon do it on XP? – oleksii May 30 '11 at 18:52
  • 1
    ProcMon does it through extremely careful hacky methods in kernel mode that only someone like Mark can pull off. It's not an option for mere mortals like you and I :) – Ana Betts May 31 '11 at 02:17
  • yeah it looks like mission impossible :) – oleksii May 31 '11 at 09:35
  • If all you want to do is log it, then non-realtime ETW will work fine - you just need to post-process the traces and you'll get your file. You might also want to look into Perf Counters, might also get you this info. – Ana Betts Jun 03 '11 at 18:44